Skip to content

Instantly share code, notes, and snippets.

@simonetripodi

simonetripodi/proposal.patch

Created June 26, 2014 08:53
Show Gist options
  • Save simonetripodi/740ec4a8c1fdf06d5f3f to your computer and use it in GitHub Desktop.
Save simonetripodi/740ec4a8c1fdf06d5f3f to your computer and use it in GitHub Desktop.
Download ZIP
JWS Hmac and Rsa signature refactoring proposal
Raw
proposal.patch
Index: src/main/java/org/apache/oltu/jose/jws/JwsConstants.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/JwsConstants.java (revision 1605704)
+++ src/main/java/org/apache/oltu/jose/jws/JwsConstants.java (working copy)
@@ -23,4 +23,9 @@
public static final String RS384 = "RS384";
public static final String RS512 = "RS512";
+
+ private JwsConstants() {
+ // do nothing
+ }
+
}
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/PrivateKey.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/PrivateKey.java (revision 1605704)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/PrivateKey.java (working copy)
@@ -1,33 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.oltu.jose.jws.signature.impl;
-
-import org.apache.oltu.jose.jws.signature.SigningKey;
-
-public class PrivateKey implements SigningKey {
-
- java.security.PrivateKey privateKey;
-
- public PrivateKey(java.security.PrivateKey privateKey) {
- this.privateKey = privateKey;
- }
-
- public java.security.PrivateKey getPrivateKey() {
- return privateKey;
- }
-
-}
\ No newline at end of file
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/PublicKey.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/PublicKey.java (revision 1605704)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/PublicKey.java (working copy)
@@ -1,33 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.oltu.jose.jws.signature.impl;
-
-import org.apache.oltu.jose.jws.signature.VerifyingKey;
-
-public class PublicKey implements VerifyingKey {
-
- java.security.PublicKey publicKey;
-
- public PublicKey(java.security.PublicKey publicKey) {
- this.publicKey = publicKey;
- }
-
- public java.security.PublicKey getPublicKey() {
- return publicKey;
- }
-
-}
\ No newline at end of file
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/SignatureMethodRSAImpl.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/SignatureMethodRSAImpl.java (revision 1605704)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/SignatureMethodRSAImpl.java (working copy)
@@ -1,130 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.oltu.jose.jws.signature.impl;
-
-import java.security.Signature;
-import org.apache.oltu.commons.encodedtoken.TokenDecoder;
-import org.apache.oltu.jose.jws.JwsConstants;
-import org.apache.oltu.jose.jws.signature.SignatureMethod;
-
-/**
- * Class that asymmetrically sign and verify the issued token.
- */
-public class SignatureMethodRSAImpl implements SignatureMethod<PrivateKey, PublicKey>{
-
- private String algorithm;
-
- public SignatureMethodRSAImpl(String algorithm) {
- this.algorithm = algorithm;
- }
-
- /**
- * Calculate the signature of given header.payload as for
- * <a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-21#appendix-A.2.1">appendix-A.2.1</a>
- *
- * {@inheritDoc}
- */
- @Override
- public String calculate(String header, String payload, PrivateKey signingKey) {
- byte[] token = toToken(header, payload);
- try {
- Signature signature = Signature.getInstance(getAlgorithmInternal());
-
- signature.initSign(signingKey.getPrivateKey());
- signature.update(token);
- token = signature.sign();
-
- return TokenDecoder.base64Encode(token);
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
-
- /**
- * Verify the signature of given header.payload as for
- * <a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-21#appendix-A.2.2">appendix-A.2.2</a>
- *
- * {@inheritDoc}
- */
- @Override
- public boolean verify(String signature, String header, String payload, PublicKey verifyingKey) {
- byte[] token = toToken(header, payload);
- try {
- Signature sign = Signature.getInstance(getAlgorithmInternal());
- sign.initVerify(verifyingKey.getPublicKey());
- sign.update(token);
-
- return sign.verify(decode(signature));
- } catch (Exception e) {
- return false;
- }
- }
-
- @Override
- public String getAlgorithm() {
- return algorithm;
- }
-
- // ---------- Private methods ---------------------------------------------
-
- private static byte[] toToken(String header, String payload) {
- return new StringBuilder()
- .append(header)
- .append(".")
- .append(payload)
- .toString()
- .getBytes();
- }
-
- private String getAlgorithmInternal() {
- String alg = null;
- if (JwsConstants.RS256.equals(algorithm)) {
- alg = "SHA256withRSA";
- } else if (JwsConstants.RS384.equals(algorithm)) {
- alg = "SHA384withRSA";
- } else if (JwsConstants.RS512.equals(algorithm)) {
- alg = "SHA512withRSA";
- }
- return alg;
- }
-
- private static byte[] decode(String arg) throws Exception {
- String s = arg;
- s = s.replace('-', '+'); // 62nd char of encoding
- s = s.replace('_', '/'); // 63rd char of encoding
-
- switch (s.length() % 4) // Pad with trailing '='s
- {
- case 0: // No pad chars in this case
- break;
-
- case 2: // Two pad chars
- s += "==";
- break;
-
- case 3: // One pad char
- s += "=";
- break;
-
- default:
- throw new Exception("Illegal base64url string!");
- }
-
- return TokenDecoder.base64DecodeToByte(s);
- }
-
-}
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/SignatureMethodsHMAC256Impl.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/SignatureMethodsHMAC256Impl.java (revision 1605704)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/SignatureMethodsHMAC256Impl.java (working copy)
@@ -1,63 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.oltu.jose.jws.signature.impl;
-
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import javax.crypto.Mac;
-import javax.crypto.spec.SecretKeySpec;
-import org.apache.oltu.commons.encodedtoken.TokenDecoder;
-import org.apache.oltu.jose.jws.signature.SignatureMethod;
-
-public class SignatureMethodsHMAC256Impl implements SignatureMethod<SymmetricKeyImpl, SymmetricKeyImpl> {
-
- private static final String ALG = "HS256";
-
- @Override
- public String calculate(String header, String payload, SymmetricKeyImpl signingKey) {
- StringBuilder sb = new StringBuilder();
- sb.append(header).append(".").append(payload);
- String stringToSign = sb.toString();
- byte[] bytes = stringToSign.getBytes();
-
- try {
- Mac mac = Mac.getInstance("HMACSHA256");
- mac.init(new SecretKeySpec(signingKey.getKey(), mac.getAlgorithm()));
- mac.update(bytes);
- bytes = mac.doFinal();
-
- } catch (NoSuchAlgorithmException e) {
- throw new RuntimeException(e);
- } catch (InvalidKeyException e) {
- throw new RuntimeException(e);
- }
-
- return TokenDecoder.base64Encode(bytes);
- }
-
- @Override
- public boolean verify(String signature, String header, String payload, SymmetricKeyImpl verifyingKey) {
- String signed = calculate(header, payload, verifyingKey);
- return signed.equals(signature);
- }
-
- @Override
- public String getAlgorithm() {
- return ALG;
- }
-
-}
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/SymmetricKeyImpl.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/SymmetricKeyImpl.java (revision 1605704)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/SymmetricKeyImpl.java (working copy)
@@ -1,37 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.oltu.jose.jws.signature.impl;
-
-import org.apache.oltu.jose.jws.signature.SymmetricKey;
-
-/**
- * Symmetric key implementation used for both <i>sign</i> and <i>verify</i>
- * operations.
- */
-public class SymmetricKeyImpl implements SymmetricKey {
-
- private byte[] key;
-
- public SymmetricKeyImpl(byte[] key) {
- this.key = key;
- }
-
- public byte[] getKey() {
- return key;
- }
-
-}
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/hmac/Hmac256SignatureMethod.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/hmac/Hmac256SignatureMethod.java (revision 0)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/hmac/Hmac256SignatureMethod.java (working copy)
@@ -0,0 +1,64 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.oltu.jose.jws.signature.impl.hmac;
+
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import org.apache.oltu.commons.encodedtoken.TokenDecoder;
+import org.apache.oltu.jose.jws.signature.SignatureMethod;
+
+public class Hmac256SignatureMethod implements SignatureMethod<HmacSymmetricKey, HmacSymmetricKey> {
+
+ private static final String ALGORITHM_NAME = "HS256";
+
+ private static final String MAC_NAME = "HMACSHA256";
+
+ @Override
+ public String calculate(String header, String payload, HmacSymmetricKey signingKey) {
+ StringBuilder sb = new StringBuilder();
+ sb.append(header).append(".").append(payload);
+ String stringToSign = sb.toString();
+ byte[] bytes = stringToSign.getBytes();
+
+ try {
+ Mac mac = Mac.getInstance(MAC_NAME);
+ mac.init(new SecretKeySpec(signingKey.getKey(), mac.getAlgorithm()));
+ mac.update(bytes);
+ bytes = mac.doFinal();
+ } catch (NoSuchAlgorithmException e) {
+ throw new RuntimeException(e);
+ } catch (InvalidKeyException e) {
+ throw new RuntimeException(e);
+ }
+
+ return TokenDecoder.base64Encode(bytes);
+ }
+
+ @Override
+ public boolean verify(String signature, String header, String payload, HmacSymmetricKey verifyingKey) {
+ String signed = calculate(header, payload, verifyingKey);
+ return signed.equals(signature);
+ }
+
+ @Override
+ public String getAlgorithm() {
+ return ALGORITHM_NAME;
+ }
+
+}
Property changes on: src/main/java/org/apache/oltu/jose/jws/signature/impl/hmac/Hmac256SignatureMethod.java
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+Date Author Id Revision HeadURL
\ No newline at end of property
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/hmac/HmacSymmetricKey.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/hmac/HmacSymmetricKey.java (revision 0)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/hmac/HmacSymmetricKey.java (working copy)
@@ -0,0 +1,42 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.oltu.jose.jws.signature.impl.hmac;
+
+import org.apache.oltu.jose.jws.signature.SymmetricKey;
+
+/**
+ * Symmetric key implementation used for both <i>sign</i> and <i>verify</i>
+ * operations.
+ */
+public class HmacSymmetricKey implements SymmetricKey {
+
+ private final byte[] key;
+
+ HmacSymmetricKey(byte[] key) {
+ this.key = key;
+ }
+
+ byte[] getKey() {
+ return key;
+ }
+
+ @Override
+ public String toString() {
+ return new String(key);
+ }
+
+}
Property changes on: src/main/java/org/apache/oltu/jose/jws/signature/impl/hmac/HmacSymmetricKey.java
___________________________________________________________________
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+Date Author Id Revision HeadURL
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/hmac/KeyFactory.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/hmac/KeyFactory.java (revision 0)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/hmac/KeyFactory.java (working copy)
@@ -0,0 +1,28 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.oltu.jose.jws.signature.impl.hmac;
+
+public final class KeyFactory {
+
+ public static HmacSymmetricKey generate(byte[] key) {
+ if (key == null) {
+ throw new IllegalArgumentException("Impossible to create an HMAC SymmetricKey from a null byte array");
+ }
+ return new HmacSymmetricKey(key);
+ }
+
+}
Property changes on: src/main/java/org/apache/oltu/jose/jws/signature/impl/hmac/KeyFactory.java
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+Date Author Id Revision HeadURL
\ No newline at end of property
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/hmac/package-info.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/hmac/package-info.java (revision 0)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/hmac/package-info.java (working copy)
@@ -0,0 +1,21 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ *
+ */
+package org.apache.oltu.jose.jws.signature.impl.hmac;
Property changes on: src/main/java/org/apache/oltu/jose/jws/signature/impl/hmac/package-info.java
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+Date Author Id Revision HeadURL
\ No newline at end of property
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/AbstractRsaSignatureMethod.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/AbstractRsaSignatureMethod.java (revision 0)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/AbstractRsaSignatureMethod.java (working copy)
@@ -0,0 +1,121 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.oltu.jose.jws.signature.impl.rsa;
+
+import java.security.Signature;
+
+import org.apache.oltu.commons.encodedtoken.TokenDecoder;
+import org.apache.oltu.jose.jws.signature.SignatureMethod;
+
+/**
+ * Class that asymmetrically sign and verify the issued token.
+ */
+abstract class AbstractRsaSignatureMethod implements SignatureMethod<PrivateKey, PublicKey>{
+
+ private final String algorithm;
+
+ private final String internalAlgorithm;
+
+ public AbstractRsaSignatureMethod(String algorithm, String internalAlgorithm) {
+ this.algorithm = algorithm;
+ this.internalAlgorithm = internalAlgorithm;
+ }
+
+ /**
+ * Calculate the signature of given header.payload as for
+ * <a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-21#appendix-A.2.1">appendix-A.2.1</a>
+ *
+ * {@inheritDoc}
+ */
+ @Override
+ public String calculate(String header, String payload, PrivateKey signingKey) {
+ byte[] token = toToken(header, payload);
+ try {
+ Signature signature = Signature.getInstance(internalAlgorithm);
+
+ signature.initSign(signingKey.getPrivateKey());
+ signature.update(token);
+ token = signature.sign();
+
+ return TokenDecoder.base64Encode(token);
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ /**
+ * Verify the signature of given header.payload as for
+ * <a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-21#appendix-A.2.2">appendix-A.2.2</a>
+ *
+ * {@inheritDoc}
+ */
+ @Override
+ public boolean verify(String signature, String header, String payload, PublicKey verifyingKey) {
+ byte[] token = toToken(header, payload);
+ try {
+ Signature sign = Signature.getInstance(internalAlgorithm);
+ sign.initVerify(verifyingKey.getPublicKey());
+ sign.update(token);
+
+ return sign.verify(decode(signature));
+ } catch (Exception e) {
+ return false;
+ }
+ }
+
+ @Override
+ public String getAlgorithm() {
+ return algorithm;
+ }
+
+ // ---------- Private methods ---------------------------------------------
+
+ private static byte[] toToken(String header, String payload) {
+ return new StringBuilder()
+ .append(header)
+ .append(".")
+ .append(payload)
+ .toString()
+ .getBytes();
+ }
+
+ private static byte[] decode(String arg) throws Exception {
+ String s = arg;
+ s = s.replace('-', '+'); // 62nd char of encoding
+ s = s.replace('_', '/'); // 63rd char of encoding
+
+ switch (s.length() % 4) // Pad with trailing '='s
+ {
+ case 0: // No pad chars in this case
+ break;
+
+ case 2: // Two pad chars
+ s += "==";
+ break;
+
+ case 3: // One pad char
+ s += "=";
+ break;
+
+ default:
+ throw new Exception("Illegal base64url string!");
+ }
+
+ return TokenDecoder.base64DecodeToByte(s);
+ }
+
+}
Property changes on: src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/AbstractRsaSignatureMethod.java
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+Date Author Id Revision HeadURL
\ No newline at end of property
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/KeyFactory.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/KeyFactory.java (revision 0)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/KeyFactory.java (working copy)
@@ -0,0 +1,96 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.oltu.jose.jws.signature.impl.rsa;
+
+import java.math.BigInteger;
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.RSAPrivateKeySpec;
+import java.security.spec.RSAPublicKeySpec;
+
+import org.apache.oltu.commons.encodedtoken.TokenDecoder;
+
+public final class KeyFactory {
+
+ private java.security.KeyFactory keyFactory;
+
+ public KeyFactory() {
+ try {
+ keyFactory = java.security.KeyFactory.getInstance("RSA");
+ } catch (NoSuchAlgorithmException e) {
+ // swallow, cannot happen
+ }
+ }
+
+ public PrivateKey generatePrivate(String base64EncodedN, String base64EncodedD) throws Exception {
+ if (base64EncodedN == null) {
+ throw new IllegalArgumentException("Impossible to generate a private key with a null N");
+ }
+ byte[] n = TokenDecoder.base64DecodeToByte(base64EncodedN);
+
+ if (base64EncodedD == null) {
+ throw new IllegalArgumentException("Impossible to generate a private key with a null N");
+ }
+ byte[] d = TokenDecoder.base64DecodeToByte(base64EncodedD);
+
+ return generatePrivate(n, d);
+ }
+
+ public PrivateKey generatePrivate(byte[] n, byte[] d) throws Exception {
+ if (n == null) {
+ throw new IllegalArgumentException("Impossible to generate a private key with a null 'n' byte array");
+ }
+ BigInteger modulus = new BigInteger(1, n);
+
+ if (d == null) {
+ throw new IllegalArgumentException("Impossible to generate a private key with a null 'n' byte array");
+ }
+ BigInteger privateExponent = new BigInteger(1, d);
+
+ RSAPrivateKeySpec privKeySpec = new RSAPrivateKeySpec(modulus, privateExponent);
+ return new PrivateKey(keyFactory.generatePrivate(privKeySpec));
+ }
+
+ public PublicKey generatePublic(String base64EncodedN, String base64EncodedE) throws Exception {
+ if (base64EncodedN == null) {
+ throw new IllegalArgumentException("Impossible to generate a public key with a null N");
+ }
+ byte[] n = TokenDecoder.base64DecodeToByte(base64EncodedN);
+
+ if (base64EncodedE == null) {
+ throw new IllegalArgumentException("Impossible to generate a private key with a null E");
+ }
+ byte[] e = TokenDecoder.base64DecodeToByte(base64EncodedE);
+
+ return generatePublic(n, e);
+ }
+
+ public PublicKey generatePublic(byte[] n, byte[] e) throws Exception {
+ if (n == null) {
+ throw new IllegalArgumentException("Impossible to generate a public key with a null 'n' byte array");
+ }
+ BigInteger modulus = new BigInteger(1, n);
+
+ if (e == null) {
+ throw new IllegalArgumentException("Impossible to generate a private key with a null 'e' byte array");
+ }
+ BigInteger publicExponent = new BigInteger(1, e);
+
+ RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(modulus, publicExponent);
+ return new PublicKey(keyFactory.generatePublic(pubKeySpec));
+ }
+
+}
Property changes on: src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/KeyFactory.java
___________________________________________________________________
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+Date Author Id Revision HeadURL
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/PrivateKey.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/PrivateKey.java (revision 0)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/PrivateKey.java (working copy)
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.oltu.jose.jws.signature.impl.rsa;
+
+import org.apache.oltu.jose.jws.signature.SigningKey;
+
+public class PrivateKey implements SigningKey {
+
+ java.security.PrivateKey privateKey;
+
+ PrivateKey(java.security.PrivateKey privateKey) {
+ this.privateKey = privateKey;
+ }
+
+ java.security.PrivateKey getPrivateKey() {
+ return privateKey;
+ }
+
+ @Override
+ public String toString() {
+ return privateKey.toString();
+ }
+
+}
\ No newline at end of file
Property changes on: src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/PrivateKey.java
___________________________________________________________________
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+Date Author Id Revision HeadURL
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/PublicKey.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/PublicKey.java (revision 0)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/PublicKey.java (working copy)
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.oltu.jose.jws.signature.impl.rsa;
+
+import org.apache.oltu.jose.jws.signature.VerifyingKey;
+
+public class PublicKey implements VerifyingKey {
+
+ java.security.PublicKey publicKey;
+
+ PublicKey(java.security.PublicKey publicKey) {
+ this.publicKey = publicKey;
+ }
+
+ java.security.PublicKey getPublicKey() {
+ return publicKey;
+ }
+
+ @Override
+ public String toString() {
+ return publicKey.toString();
+ }
+
+}
\ No newline at end of file
Property changes on: src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/PublicKey.java
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+Date Author Id Revision HeadURL
\ No newline at end of property
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/Sha256SignatureMethod.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/Sha256SignatureMethod.java (revision 0)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/Sha256SignatureMethod.java (working copy)
@@ -0,0 +1,27 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.oltu.jose.jws.signature.impl.rsa;
+
+import org.apache.oltu.jose.jws.JwsConstants;
+
+public final class Sha256SignatureMethod extends AbstractRsaSignatureMethod {
+
+ public Sha256SignatureMethod() {
+ super(JwsConstants.RS256, "SHA256withRSA");
+ }
+
+}
Property changes on: src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/Sha256SignatureMethod.java
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+Date Author Id Revision HeadURL
\ No newline at end of property
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/Sha384SignatureMethod.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/Sha384SignatureMethod.java (revision 0)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/Sha384SignatureMethod.java (working copy)
@@ -0,0 +1,27 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.oltu.jose.jws.signature.impl.rsa;
+
+import org.apache.oltu.jose.jws.JwsConstants;
+
+public final class Sha384SignatureMethod extends AbstractRsaSignatureMethod {
+
+ public Sha384SignatureMethod() {
+ super(JwsConstants.RS384, "SHA384withRSA");
+ }
+
+}
Property changes on: src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/Sha384SignatureMethod.java
___________________________________________________________________
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+Date Author Id Revision HeadURL
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/Sha512SignatureMethod.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/Sha512SignatureMethod.java (revision 0)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/Sha512SignatureMethod.java (working copy)
@@ -0,0 +1,27 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.oltu.jose.jws.signature.impl.rsa;
+
+import org.apache.oltu.jose.jws.JwsConstants;
+
+public final class Sha512SignatureMethod extends AbstractRsaSignatureMethod {
+
+ public Sha512SignatureMethod() {
+ super(JwsConstants.RS512, "SHA512withRSA");
+ }
+
+}
Property changes on: src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/Sha512SignatureMethod.java
___________________________________________________________________
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+Date Author Id Revision HeadURL
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Index: src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/package-info.java
===================================================================
--- src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/package-info.java (revision 0)
+++ src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/package-info.java (working copy)
@@ -0,0 +1,21 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ *
+ */
+package org.apache.oltu.jose.jws.signature.impl.rsa;
Property changes on: src/main/java/org/apache/oltu/jose/jws/signature/impl/rsa/package-info.java
___________________________________________________________________
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+Date Author Id Revision HeadURL
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Index: src/test/java/org/apache/oltu/jose/jws/signature/impl/SignatureMethodRSAImplTest.java
===================================================================
--- src/test/java/org/apache/oltu/jose/jws/signature/impl/SignatureMethodRSAImplTest.java (revision 1605704)
+++ src/test/java/org/apache/oltu/jose/jws/signature/impl/SignatureMethodRSAImplTest.java (working copy)
@@ -1,294 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.oltu.jose.jws.signature.impl;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.RSAPrivateKeySpec;
-import java.security.spec.RSAPublicKeySpec;
-import org.apache.oltu.commons.encodedtoken.TokenDecoder;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-
-/**
- * Unit test based on the example contained in
- * http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-25#appendix-A.2 and
- * http://tools.ietf.org/html/draft-ietf-jose-cookbook-01#section-3.1
- *
- */
-public class SignatureMethodRSAImplTest {
-
- private String rsa256;
-
- private SignatureMethodRSAImpl sRsaImpl;
-
- private String payload;
-
- private RSAPrivateKey rsaPrivKey;
-
- private RSAPublicKey rsaPublicKey;
-
- @Before
- public void setUp() throws Exception {
- sRsaImpl = new SignatureMethodRSAImpl("RS256");
- }
-
- @After
- public void tearDown() {
- payload = null;
- rsa256 = null;
- rsaPrivKey = null;
- rsaPublicKey = null;
- sRsaImpl= null;
- }
-
- //validates the example in http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-25#appendix-A.2
- @Test
- public void testCalculate() throws Exception{
- final byte[] n = { (byte) 161, (byte) 248, (byte) 22, (byte) 10, (byte) 226, (byte) 227, (byte) 201, (byte) 180,
- (byte) 101, (byte) 206, (byte) 141, (byte) 45, (byte) 101, (byte) 98, (byte) 99, (byte) 54, (byte) 43,
- (byte) 146, (byte) 125, (byte) 190, (byte) 41, (byte) 225, (byte) 240, (byte) 36, (byte) 119, (byte) 252,
- (byte) 22, (byte) 37, (byte) 204, (byte) 144, (byte) 161, (byte) 54, (byte) 227, (byte) 139, (byte) 217,
- (byte) 52, (byte) 151, (byte) 197, (byte) 182, (byte) 234, (byte) 99, (byte) 221, (byte) 119, (byte) 17,
- (byte) 230, (byte) 124, (byte) 116, (byte) 41, (byte) 249, (byte) 86, (byte) 176, (byte) 251, (byte) 138,
- (byte) 143, (byte) 8, (byte) 154, (byte) 220, (byte) 75, (byte) 105, (byte) 137, (byte) 60, (byte) 193,
- (byte) 51, (byte) 63, (byte) 83, (byte) 237, (byte) 208, (byte) 25, (byte) 184, (byte) 119, (byte) 132,
- (byte) 37, (byte) 47, (byte) 236, (byte) 145, (byte) 79, (byte) 228, (byte) 133, (byte) 119, (byte) 105,
- (byte) 89, (byte) 75, (byte) 234, (byte) 66, (byte) 128, (byte) 211, (byte) 44, (byte) 15, (byte) 85,
- (byte) 191, (byte) 98, (byte) 148, (byte) 79, (byte) 19, (byte) 3, (byte) 150, (byte) 188, (byte) 110,
- (byte) 155, (byte) 223, (byte) 110, (byte) 189, (byte) 210, (byte) 189, (byte) 163, (byte) 103, (byte) 142,
- (byte) 236, (byte) 160, (byte) 198, (byte) 104, (byte) 247, (byte) 1, (byte) 179, (byte) 141, (byte) 191,
- (byte) 251, (byte) 56, (byte) 200, (byte) 52, (byte) 44, (byte) 226, (byte) 254, (byte) 109, (byte) 39,
- (byte) 250, (byte) 222, (byte) 74, (byte) 90, (byte) 72, (byte) 116, (byte) 151, (byte) 157, (byte) 212,
- (byte) 185, (byte) 207, (byte) 154, (byte) 222, (byte) 196, (byte) 199, (byte) 91, (byte) 5, (byte) 133,
- (byte) 44, (byte) 44, (byte) 15, (byte) 94, (byte) 248, (byte) 165, (byte) 193, (byte) 117, (byte) 3,
- (byte) 146, (byte) 249, (byte) 68, (byte) 232, (byte) 237, (byte) 100, (byte) 193, (byte) 16, (byte) 198,
- (byte) 182, (byte) 71, (byte) 96, (byte) 154, (byte) 164, (byte) 120, (byte) 58, (byte) 235, (byte) 156,
- (byte) 108, (byte) 154, (byte) 215, (byte) 85, (byte) 49, (byte) 48, (byte) 80, (byte) 99, (byte) 139,
- (byte) 131, (byte) 102, (byte) 92, (byte) 111, (byte) 111, (byte) 122, (byte) 130, (byte) 163, (byte) 150,
- (byte) 112, (byte) 42, (byte) 31, (byte) 100, (byte) 27, (byte) 130, (byte) 211, (byte) 235, (byte) 242,
- (byte) 57, (byte) 34, (byte) 25, (byte) 73, (byte) 31, (byte) 182, (byte) 134, (byte) 135, (byte) 44,
- (byte) 87, (byte) 22, (byte) 245, (byte) 10, (byte) 248, (byte) 53, (byte) 141, (byte) 154, (byte) 139,
- (byte) 157, (byte) 23, (byte) 195, (byte) 64, (byte) 114, (byte) 143, (byte) 127, (byte) 135, (byte) 216,
- (byte) 154, (byte) 24, (byte) 216, (byte) 252, (byte) 171, (byte) 103, (byte) 173, (byte) 132, (byte) 89,
- (byte) 12, (byte) 46, (byte) 207, (byte) 117, (byte) 147, (byte) 57, (byte) 54, (byte) 60, (byte) 7,
- (byte) 3, (byte) 77, (byte) 111, (byte) 96, (byte) 111, (byte) 158, (byte) 33, (byte) 224, (byte) 84,
- (byte) 86, (byte) 202, (byte) 229, (byte) 233, (byte) 161 };
- final byte[] e = { 1, 0, 1 };
- final byte[] d = { 18, (byte) 174, (byte) 113, (byte) 164, (byte) 105, (byte) 205, (byte) 10, (byte) 43,
- (byte) 195, (byte) 126, (byte) 82, (byte) 108, (byte) 69, (byte) 0, (byte) 87, (byte) 31, (byte) 29,
- (byte) 97, (byte) 117, (byte) 29, (byte) 100, (byte) 233, (byte) 73, (byte) 112, (byte) 123, (byte) 98,
- (byte) 89, (byte) 15, (byte) 157, (byte) 11, (byte) 165, (byte) 124, (byte) 150, (byte) 60, (byte) 64,
- (byte) 30, (byte) 63, (byte) 207, (byte) 47, (byte) 44, (byte) 211, (byte) 189, (byte) 236, (byte) 136,
- (byte) 229, (byte) 3, (byte) 191, (byte) 198, (byte) 67, (byte) 155, (byte) 11, (byte) 40, (byte) 200,
- (byte) 47, (byte) 125, (byte) 55, (byte) 151, (byte) 103, (byte) 31, (byte) 82, (byte) 19, (byte) 238,
- (byte) 216, (byte) 193, (byte) 90, (byte) 37, (byte) 216, (byte) 213, (byte) 206, (byte) 160, (byte) 2,
- (byte) 94, (byte) 227, (byte) 171, (byte) 46, (byte) 139, (byte) 127, (byte) 121, (byte) 33, (byte) 111,
- (byte) 198, (byte) 59, (byte) 234, (byte) 86, (byte) 39, (byte) 83, (byte) 180, (byte) 6, (byte) 68,
- (byte) 198, (byte) 161, (byte) 81, (byte) 39, (byte) 217, (byte) 178, (byte) 149, (byte) 69, (byte) 64,
- (byte) 160, (byte) 187, (byte) 225, (byte) 163, (byte) 5, (byte) 86, (byte) 152, (byte) 45, (byte) 78,
- (byte) 159, (byte) 222, (byte) 95, (byte) 100, (byte) 37, (byte) 241, (byte) 77, (byte) 75, (byte) 113,
- (byte) 52, (byte) 65, (byte) 181, (byte) 93, (byte) 199, (byte) 59, (byte) 155, (byte) 74, (byte) 237,
- (byte) 204, (byte) 146, (byte) 172, (byte) 227, (byte) 146, (byte) 126, (byte) 55, (byte) 245, (byte) 125,
- (byte) 12, (byte) 253, (byte) 94, (byte) 117, (byte) 129, (byte) 250, (byte) 81, (byte) 44, (byte) 143,
- (byte) 73, (byte) 97, (byte) 169, (byte) 235, (byte) 11, (byte) 128, (byte) 248, (byte) 168, (byte) 7,
- (byte) 70, (byte) 114, (byte) 138, (byte) 85, (byte) 255, (byte) 70, (byte) 71, (byte) 31, (byte) 52,
- (byte) 37, (byte) 6, (byte) 59, (byte) 157, (byte) 83, (byte) 100, (byte) 47, (byte) 94, (byte) 222,
- (byte) 30, (byte) 132, (byte) 214, (byte) 19, (byte) 8, (byte) 26, (byte) 250, (byte) 92, (byte) 34,
- (byte) 208, (byte) 81, (byte) 40, (byte) 91, (byte) 214, (byte) 59, (byte) 148, (byte) 59, (byte) 86,
- (byte) 93, (byte) 137, (byte) 138, (byte) 5, (byte) 104, (byte) 84, (byte) 19, (byte) 229, (byte) 60,
- (byte) 60, (byte) 108, (byte) 101, (byte) 37, (byte) 255, (byte) 31, (byte) 227, (byte) 78, (byte) 61,
- (byte) 220, (byte) 112, (byte) 240, (byte) 213, (byte) 100, (byte) 80, (byte) 253, (byte) 164, (byte) 139,
- (byte) 161, (byte) 46, (byte) 16, (byte) 78, (byte) 157, (byte) 235, (byte) 159, (byte) 184, (byte) 24,
- (byte) 129, (byte) 225, (byte) 196, (byte) 189, (byte) 242, (byte) 93, (byte) 146, (byte) 71, (byte) 244,
- (byte) 80, (byte) 200, (byte) 101, (byte) 146, (byte) 121, (byte) 104, (byte) 231, (byte) 115, (byte) 52,
- (byte) 244, (byte) 65, (byte) 79, (byte) 117, (byte) 167, (byte) 80, (byte) 225, (byte) 57, (byte) 84,
- (byte) 110, (byte) 58, (byte) 138, (byte) 115, (byte) 157 };
-
- BigInteger N = new BigInteger(1, n);
- BigInteger E = new BigInteger(1, e);
- BigInteger D = new BigInteger(1, d);
-
- KeyFactory keyFactory = KeyFactory.getInstance("RSA");
- RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(N, E);
- RSAPrivateKeySpec privKeySpec = new RSAPrivateKeySpec(N, D);
- rsaPublicKey = (RSAPublicKey) keyFactory.generatePublic(pubKeySpec);
- rsaPrivKey = (RSAPrivateKey) keyFactory.generatePrivate(privKeySpec);
-
- rsa256 = "{\"alg\":\"RS256\"}";
- payload = "{\"iss\":\"joe\",\r\n \"exp\":1300819380,\r\n \"http://example.com/is_root\":true}";
-
- assertEquals("cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7"+
- "AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4"+
- "BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K"+
- "0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqv"+
- "hJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrB"+
- "p0igcN_IoypGlUPQGe77Rw",
- sRsaImpl.calculate(TokenDecoder.base64Encode(rsa256),
- TokenDecoder.base64Encode(payload), new PrivateKey(rsaPrivKey)));
- }
-
- //validates the example in http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-25#appendix-A.2
- @Test
- public void testVerify() throws Exception{
- final byte[] n = { (byte) 161, (byte) 248, (byte) 22, (byte) 10, (byte) 226, (byte) 227, (byte) 201, (byte) 180,
- (byte) 101, (byte) 206, (byte) 141, (byte) 45, (byte) 101, (byte) 98, (byte) 99, (byte) 54, (byte) 43,
- (byte) 146, (byte) 125, (byte) 190, (byte) 41, (byte) 225, (byte) 240, (byte) 36, (byte) 119, (byte) 252,
- (byte) 22, (byte) 37, (byte) 204, (byte) 144, (byte) 161, (byte) 54, (byte) 227, (byte) 139, (byte) 217,
- (byte) 52, (byte) 151, (byte) 197, (byte) 182, (byte) 234, (byte) 99, (byte) 221, (byte) 119, (byte) 17,
- (byte) 230, (byte) 124, (byte) 116, (byte) 41, (byte) 249, (byte) 86, (byte) 176, (byte) 251, (byte) 138,
- (byte) 143, (byte) 8, (byte) 154, (byte) 220, (byte) 75, (byte) 105, (byte) 137, (byte) 60, (byte) 193,
- (byte) 51, (byte) 63, (byte) 83, (byte) 237, (byte) 208, (byte) 25, (byte) 184, (byte) 119, (byte) 132,
- (byte) 37, (byte) 47, (byte) 236, (byte) 145, (byte) 79, (byte) 228, (byte) 133, (byte) 119, (byte) 105,
- (byte) 89, (byte) 75, (byte) 234, (byte) 66, (byte) 128, (byte) 211, (byte) 44, (byte) 15, (byte) 85,
- (byte) 191, (byte) 98, (byte) 148, (byte) 79, (byte) 19, (byte) 3, (byte) 150, (byte) 188, (byte) 110,
- (byte) 155, (byte) 223, (byte) 110, (byte) 189, (byte) 210, (byte) 189, (byte) 163, (byte) 103, (byte) 142,
- (byte) 236, (byte) 160, (byte) 198, (byte) 104, (byte) 247, (byte) 1, (byte) 179, (byte) 141, (byte) 191,
- (byte) 251, (byte) 56, (byte) 200, (byte) 52, (byte) 44, (byte) 226, (byte) 254, (byte) 109, (byte) 39,
- (byte) 250, (byte) 222, (byte) 74, (byte) 90, (byte) 72, (byte) 116, (byte) 151, (byte) 157, (byte) 212,
- (byte) 185, (byte) 207, (byte) 154, (byte) 222, (byte) 196, (byte) 199, (byte) 91, (byte) 5, (byte) 133,
- (byte) 44, (byte) 44, (byte) 15, (byte) 94, (byte) 248, (byte) 165, (byte) 193, (byte) 117, (byte) 3,
- (byte) 146, (byte) 249, (byte) 68, (byte) 232, (byte) 237, (byte) 100, (byte) 193, (byte) 16, (byte) 198,
- (byte) 182, (byte) 71, (byte) 96, (byte) 154, (byte) 164, (byte) 120, (byte) 58, (byte) 235, (byte) 156,
- (byte) 108, (byte) 154, (byte) 215, (byte) 85, (byte) 49, (byte) 48, (byte) 80, (byte) 99, (byte) 139,
- (byte) 131, (byte) 102, (byte) 92, (byte) 111, (byte) 111, (byte) 122, (byte) 130, (byte) 163, (byte) 150,
- (byte) 112, (byte) 42, (byte) 31, (byte) 100, (byte) 27, (byte) 130, (byte) 211, (byte) 235, (byte) 242,
- (byte) 57, (byte) 34, (byte) 25, (byte) 73, (byte) 31, (byte) 182, (byte) 134, (byte) 135, (byte) 44,
- (byte) 87, (byte) 22, (byte) 245, (byte) 10, (byte) 248, (byte) 53, (byte) 141, (byte) 154, (byte) 139,
- (byte) 157, (byte) 23, (byte) 195, (byte) 64, (byte) 114, (byte) 143, (byte) 127, (byte) 135, (byte) 216,
- (byte) 154, (byte) 24, (byte) 216, (byte) 252, (byte) 171, (byte) 103, (byte) 173, (byte) 132, (byte) 89,
- (byte) 12, (byte) 46, (byte) 207, (byte) 117, (byte) 147, (byte) 57, (byte) 54, (byte) 60, (byte) 7,
- (byte) 3, (byte) 77, (byte) 111, (byte) 96, (byte) 111, (byte) 158, (byte) 33, (byte) 224, (byte) 84,
- (byte) 86, (byte) 202, (byte) 229, (byte) 233, (byte) 161 };
- final byte[] e = { 1, 0, 1 };
- final byte[] d = { 18, (byte) 174, (byte) 113, (byte) 164, (byte) 105, (byte) 205, (byte) 10, (byte) 43,
- (byte) 195, (byte) 126, (byte) 82, (byte) 108, (byte) 69, (byte) 0, (byte) 87, (byte) 31, (byte) 29,
- (byte) 97, (byte) 117, (byte) 29, (byte) 100, (byte) 233, (byte) 73, (byte) 112, (byte) 123, (byte) 98,
- (byte) 89, (byte) 15, (byte) 157, (byte) 11, (byte) 165, (byte) 124, (byte) 150, (byte) 60, (byte) 64,
- (byte) 30, (byte) 63, (byte) 207, (byte) 47, (byte) 44, (byte) 211, (byte) 189, (byte) 236, (byte) 136,
- (byte) 229, (byte) 3, (byte) 191, (byte) 198, (byte) 67, (byte) 155, (byte) 11, (byte) 40, (byte) 200,
- (byte) 47, (byte) 125, (byte) 55, (byte) 151, (byte) 103, (byte) 31, (byte) 82, (byte) 19, (byte) 238,
- (byte) 216, (byte) 193, (byte) 90, (byte) 37, (byte) 216, (byte) 213, (byte) 206, (byte) 160, (byte) 2,
- (byte) 94, (byte) 227, (byte) 171, (byte) 46, (byte) 139, (byte) 127, (byte) 121, (byte) 33, (byte) 111,
- (byte) 198, (byte) 59, (byte) 234, (byte) 86, (byte) 39, (byte) 83, (byte) 180, (byte) 6, (byte) 68,
- (byte) 198, (byte) 161, (byte) 81, (byte) 39, (byte) 217, (byte) 178, (byte) 149, (byte) 69, (byte) 64,
- (byte) 160, (byte) 187, (byte) 225, (byte) 163, (byte) 5, (byte) 86, (byte) 152, (byte) 45, (byte) 78,
- (byte) 159, (byte) 222, (byte) 95, (byte) 100, (byte) 37, (byte) 241, (byte) 77, (byte) 75, (byte) 113,
- (byte) 52, (byte) 65, (byte) 181, (byte) 93, (byte) 199, (byte) 59, (byte) 155, (byte) 74, (byte) 237,
- (byte) 204, (byte) 146, (byte) 172, (byte) 227, (byte) 146, (byte) 126, (byte) 55, (byte) 245, (byte) 125,
- (byte) 12, (byte) 253, (byte) 94, (byte) 117, (byte) 129, (byte) 250, (byte) 81, (byte) 44, (byte) 143,
- (byte) 73, (byte) 97, (byte) 169, (byte) 235, (byte) 11, (byte) 128, (byte) 248, (byte) 168, (byte) 7,
- (byte) 70, (byte) 114, (byte) 138, (byte) 85, (byte) 255, (byte) 70, (byte) 71, (byte) 31, (byte) 52,
- (byte) 37, (byte) 6, (byte) 59, (byte) 157, (byte) 83, (byte) 100, (byte) 47, (byte) 94, (byte) 222,
- (byte) 30, (byte) 132, (byte) 214, (byte) 19, (byte) 8, (byte) 26, (byte) 250, (byte) 92, (byte) 34,
- (byte) 208, (byte) 81, (byte) 40, (byte) 91, (byte) 214, (byte) 59, (byte) 148, (byte) 59, (byte) 86,
- (byte) 93, (byte) 137, (byte) 138, (byte) 5, (byte) 104, (byte) 84, (byte) 19, (byte) 229, (byte) 60,
- (byte) 60, (byte) 108, (byte) 101, (byte) 37, (byte) 255, (byte) 31, (byte) 227, (byte) 78, (byte) 61,
- (byte) 220, (byte) 112, (byte) 240, (byte) 213, (byte) 100, (byte) 80, (byte) 253, (byte) 164, (byte) 139,
- (byte) 161, (byte) 46, (byte) 16, (byte) 78, (byte) 157, (byte) 235, (byte) 159, (byte) 184, (byte) 24,
- (byte) 129, (byte) 225, (byte) 196, (byte) 189, (byte) 242, (byte) 93, (byte) 146, (byte) 71, (byte) 244,
- (byte) 80, (byte) 200, (byte) 101, (byte) 146, (byte) 121, (byte) 104, (byte) 231, (byte) 115, (byte) 52,
- (byte) 244, (byte) 65, (byte) 79, (byte) 117, (byte) 167, (byte) 80, (byte) 225, (byte) 57, (byte) 84,
- (byte) 110, (byte) 58, (byte) 138, (byte) 115, (byte) 157 };
-
- BigInteger N = new BigInteger(1, n);
- BigInteger E = new BigInteger(1, e);
- BigInteger D = new BigInteger(1, d);
-
- KeyFactory keyFactory = KeyFactory.getInstance("RSA");
- RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(N, E);
- RSAPrivateKeySpec privKeySpec = new RSAPrivateKeySpec(N, D);
- rsaPublicKey = (RSAPublicKey) keyFactory.generatePublic(pubKeySpec);
- rsaPrivKey = (RSAPrivateKey) keyFactory.generatePrivate(privKeySpec);
-
- String accessToken = "eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqvhJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrBp0igcN_IoypGlUPQGe77Rw";
- String jwt[] = accessToken.split("\\.");
- assertTrue(sRsaImpl.verify(jwt[2], jwt[0], jwt[1], new PublicKey(rsaPublicKey)));
- }
-
- //validates the example in http://tools.ietf.org/html/draft-ietf-jose-cookbook-01#section-3.1
- @Test
- public void testCalculateCookbook() throws Exception{
- final byte[] n = TokenDecoder.base64DecodeToByte("n4EPtAOCc9AlkeQHPzHStgAbgs7bTZLwUBZdR8_KuKPEHLd4rHVTeT-O-XV2jRojdNhxJWTDvNd7nqQ0VEiZQHz_AJmSCpMaJMRBSFKrKb2wqVwGU_NsYOYL-QtiWN2lbzcEe6XC0dApr5ydQLrHqkHHig3RBordaZ6Aj-oBHqFEHYpPe7Tpe-OfVfHd1E6cS6M1FZcD1NNLYD5lFHpPI9bTwJlsde3uhGqC0ZCuEHg8lhzwOHrtIQbS0FVbb9k3-tVTU4fg_3L_vniUFAKwuCLqKnS2BYwdq_mzSnbLY7h_qixoR7jig3__kRhuaxwUkRz5iaiQkqgc5gHdrNP5zw");
- final byte[] e =TokenDecoder.base64DecodeToByte("AQAB");
- final byte[] d = TokenDecoder.base64DecodeToByte("bWUC9B-EFRIo8kpGfh0ZuyGPvMNKvYWNtB_ikiH9k20eT-O1q_I78eiZkpXxXQ0UTEs2LsNRS-8uJbvQ-A1irkwMSMkK1J3XTGgdrhCku9gRldY7sNA_AKZGh-Q661_42rINLRCe8W-nZ34ui_qOfkLnK9QWDDqpaIsA-bMwWWSDFu2MUBYwkHTMEzLYGqOe04noqeq1hExBTHBOBdkMXiuFhUq1BU6l-DqEiWxqg82sXt2h-LMnT3046AOYJoRioz75tSUQfGCshWTBnP5uDjd18kKhyv07lhfSJdrPdM5Plyl21hsFf4L_mHCuoFau7gdsPfHPxxjVOcOpBrQzwQ");
-
- BigInteger N = new BigInteger(1, n);
- BigInteger E = new BigInteger(1, e);
- BigInteger D = new BigInteger(1, d);
-
- KeyFactory keyFactory = KeyFactory.getInstance("RSA");
- RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(N, E);
- RSAPrivateKeySpec privKeySpec = new RSAPrivateKeySpec(N, D);
- rsaPublicKey = (RSAPublicKey) keyFactory.generatePublic(pubKeySpec);
- rsaPrivKey = (RSAPrivateKey) keyFactory.generatePrivate(privKeySpec);
-
-
- rsa256 = "{\"alg\":\"RS256\",\"kid\":\"[email protected]\"}";
-
- assertEquals("MRjdkly7_-oTPTS3AXP41iQIGKa80A0ZmTuV5MEaHoxnW2e5CZ5NlKtainoFmK"+
- "ZopdHM1O2U4mwzJdQx996ivp83xuglII7PNDi84wnB-BDkoBwA78185hX-Es4J"+
- "IwmDLJK3lfWRa-XtL0RnltuYv746iYTh_qHRD68BNt1uSNCrUCTJDt5aAE6x8w"+
- "W1Kt9eRo4QPocSadnHXFxnt8Is9UzpERV0ePPQdLuW3IS_de3xyIrDaLGdjluP"+
- "xUAhb6L2aXic1U12podGU0KLUQSE_oI-ZnmKJ3F4uOZDnd6QZWJushZ41Axf_f"+
- "cIe8u9ipH84ogoree7vjbU5y18kDquDg",
- sRsaImpl.calculate(TokenDecoder.base64Encode(rsa256),
- "SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywgZ29pbmcgb3V0IH"+
- "lvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9hZCwgYW5kIGlmIHlvdSBk"+
- "b24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXigJlzIG5vIGtub3dpbmcgd2hlcm"+
- "UgeW91IG1pZ2h0IGJlIHN3ZXB0IG9mZiB0by4", new PrivateKey(rsaPrivKey)));
- }
-
- //validates the example in http://tools.ietf.org/html/draft-ietf-jose-cookbook-01#section-3.1
- @Test
- public void testVerifyCookbook() throws Exception{
- final byte[] n = TokenDecoder.base64DecodeToByte("n4EPtAOCc9AlkeQHPzHStgAbgs7bTZLwUBZdR8_KuKPEHLd4rHVTeT-O-XV2jRojdNhxJWTDvNd7nqQ0VEiZQHz_AJmSCpMaJMRBSFKrKb2wqVwGU_NsYOYL-QtiWN2lbzcEe6XC0dApr5ydQLrHqkHHig3RBordaZ6Aj-oBHqFEHYpPe7Tpe-OfVfHd1E6cS6M1FZcD1NNLYD5lFHpPI9bTwJlsde3uhGqC0ZCuEHg8lhzwOHrtIQbS0FVbb9k3-tVTU4fg_3L_vniUFAKwuCLqKnS2BYwdq_mzSnbLY7h_qixoR7jig3__kRhuaxwUkRz5iaiQkqgc5gHdrNP5zw");
- final byte[] e =TokenDecoder.base64DecodeToByte("AQAB");
- final byte[] d = TokenDecoder.base64DecodeToByte("bWUC9B-EFRIo8kpGfh0ZuyGPvMNKvYWNtB_ikiH9k20eT-O1q_I78eiZkpXxXQ0UTEs2LsNRS-8uJbvQ-A1irkwMSMkK1J3XTGgdrhCku9gRldY7sNA_AKZGh-Q661_42rINLRCe8W-nZ34ui_qOfkLnK9QWDDqpaIsA-bMwWWSDFu2MUBYwkHTMEzLYGqOe04noqeq1hExBTHBOBdkMXiuFhUq1BU6l-DqEiWxqg82sXt2h-LMnT3046AOYJoRioz75tSUQfGCshWTBnP5uDjd18kKhyv07lhfSJdrPdM5Plyl21hsFf4L_mHCuoFau7gdsPfHPxxjVOcOpBrQzwQ");
-
- BigInteger N = new BigInteger(1, n);
- BigInteger E = new BigInteger(1, e);
- BigInteger D = new BigInteger(1, d);
-
- KeyFactory keyFactory = KeyFactory.getInstance("RSA");
- RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(N, E);
- RSAPrivateKeySpec privKeySpec = new RSAPrivateKeySpec(N, D);
- rsaPublicKey = (RSAPublicKey) keyFactory.generatePublic(pubKeySpec);
- rsaPrivKey = (RSAPrivateKey) keyFactory.generatePrivate(privKeySpec);
-
- String accessToken = "eyJhbGciOiJSUzI1NiIsImtpZCI6ImJpbGJvLmJhZ2dpbnNAaG9iYml0b24uZXhhbXBsZSJ9." +
- "SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywgZ29pbmcgb3V0IH" +
- "lvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9hZCwgYW5kIGlmIHlvdSBk" +
- "b24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXigJlzIG5vIGtub3dpbmcgd2hlcm" +
- "UgeW91IG1pZ2h0IGJlIHN3ZXB0IG9mZiB0by4." +
- "MRjdkly7_-oTPTS3AXP41iQIGKa80A0ZmTuV5MEaHoxnW2e5CZ5NlKtainoFmK" +
- "ZopdHM1O2U4mwzJdQx996ivp83xuglII7PNDi84wnB-BDkoBwA78185hX-Es4J" +
- "IwmDLJK3lfWRa-XtL0RnltuYv746iYTh_qHRD68BNt1uSNCrUCTJDt5aAE6x8w" +
- "W1Kt9eRo4QPocSadnHXFxnt8Is9UzpERV0ePPQdLuW3IS_de3xyIrDaLGdjluP" +
- "xUAhb6L2aXic1U12podGU0KLUQSE_oI-ZnmKJ3F4uOZDnd6QZWJushZ41Axf_f" +
- "cIe8u9ipH84ogoree7vjbU5y18kDquDg";
- String jwt[] = accessToken.split("\\.");
- assertTrue(sRsaImpl.verify(jwt[2], jwt[0], jwt[1], new PublicKey(rsaPublicKey)));
- }
-
-}
Index: src/test/java/org/apache/oltu/jose/jws/signature/impl/SignatureMethodsHMAC256ImplTest.java
===================================================================
--- src/test/java/org/apache/oltu/jose/jws/signature/impl/SignatureMethodsHMAC256ImplTest.java (revision 1605704)
+++ src/test/java/org/apache/oltu/jose/jws/signature/impl/SignatureMethodsHMAC256ImplTest.java (working copy)
@@ -1,83 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.oltu.jose.jws.signature.impl;
-
-import org.apache.oltu.commons.encodedtoken.TokenDecoder;
-import org.apache.oltu.jose.jws.signature.impl.SignatureMethodsHMAC256Impl;
-import org.apache.oltu.jose.jws.signature.impl.SymmetricKeyImpl;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-
-public class SignatureMethodsHMAC256ImplTest {
-
- private final byte[] hsKey = { 3, (byte) 35, (byte) 53, (byte) 75,
- (byte) 43, (byte) 15, (byte) 165, (byte) 188, (byte) 131,
- (byte) 126, (byte) 6, (byte) 101, (byte) 119, (byte) 123,
- (byte) 166, (byte) 143, (byte) 90, (byte) 179, (byte) 40,
- (byte) 230, (byte) 240, (byte) 84, (byte) 201, (byte) 40,
- (byte) 169, (byte) 15, (byte) 132, (byte) 178, (byte) 210,
- (byte) 80, (byte) 46, (byte) 191, (byte) 211, (byte) 251,
- (byte) 90, (byte) 146, (byte) 210, (byte) 6, (byte) 71, (byte) 239,
- (byte) 150, (byte) 138, (byte) 180, (byte) 195, (byte) 119,
- (byte) 98, (byte) 61, (byte) 34, (byte) 61, (byte) 46, (byte) 33,
- (byte) 114, (byte) 5, (byte) 46, (byte) 79, (byte) 8, (byte) 192,
- (byte) 205, (byte) 154, (byte) 245, (byte) 103, (byte) 208,
- (byte) 128, (byte) 163 };
-
- private String hs256;
-
- private String payload;
-
- private SymmetricKeyImpl key;
-
- private SignatureMethodsHMAC256Impl sHmacImpl;
-
- @Before
- public void setUp() {
- payload = "{\"iss\":\"joe\",\r\n \"exp\":1300819380,\r\n \"http://example.com/is_root\":true}";
- hs256 = "{\"typ\":\"JWT\",\r\n" + " \"alg\":\"HS256\"}";
- key = new SymmetricKeyImpl(hsKey);
- sHmacImpl = new SignatureMethodsHMAC256Impl();
- }
-
- @After
- public void tearDown() {
- payload = null;
- hs256 = null;
- key = null;
- sHmacImpl = null;
- }
-
- @Test
- public void testCalculate() {
- assertEquals("dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk",
- sHmacImpl.calculate(TokenDecoder.base64Encode(hs256),
- TokenDecoder.base64Encode(payload), key));
- }
-
- @Test
- public void testVerify() {
- String accessToken = "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk";
- String jwt[] = accessToken.split("\\.");
- assertTrue(sHmacImpl.verify(jwt[2], jwt[0], jwt[1], key));
- }
-
-}
Index: src/test/java/org/apache/oltu/jose/jws/signature/impl/hmac/Hmac256SignatureMethodTest.java
===================================================================
--- src/test/java/org/apache/oltu/jose/jws/signature/impl/hmac/Hmac256SignatureMethodTest.java (revision 0)
+++ src/test/java/org/apache/oltu/jose/jws/signature/impl/hmac/Hmac256SignatureMethodTest.java (working copy)
@@ -0,0 +1,83 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.oltu.jose.jws.signature.impl.hmac;
+
+import org.apache.oltu.commons.encodedtoken.TokenDecoder;
+import org.apache.oltu.jose.jws.signature.impl.hmac.Hmac256SignatureMethod;
+import org.apache.oltu.jose.jws.signature.impl.hmac.HmacSymmetricKey;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+public class Hmac256SignatureMethodTest {
+
+ private final byte[] hsKey = { 3, (byte) 35, (byte) 53, (byte) 75,
+ (byte) 43, (byte) 15, (byte) 165, (byte) 188, (byte) 131,
+ (byte) 126, (byte) 6, (byte) 101, (byte) 119, (byte) 123,
+ (byte) 166, (byte) 143, (byte) 90, (byte) 179, (byte) 40,
+ (byte) 230, (byte) 240, (byte) 84, (byte) 201, (byte) 40,
+ (byte) 169, (byte) 15, (byte) 132, (byte) 178, (byte) 210,
+ (byte) 80, (byte) 46, (byte) 191, (byte) 211, (byte) 251,
+ (byte) 90, (byte) 146, (byte) 210, (byte) 6, (byte) 71, (byte) 239,
+ (byte) 150, (byte) 138, (byte) 180, (byte) 195, (byte) 119,
+ (byte) 98, (byte) 61, (byte) 34, (byte) 61, (byte) 46, (byte) 33,
+ (byte) 114, (byte) 5, (byte) 46, (byte) 79, (byte) 8, (byte) 192,
+ (byte) 205, (byte) 154, (byte) 245, (byte) 103, (byte) 208,
+ (byte) 128, (byte) 163 };
+
+ private String hs256;
+
+ private String payload;
+
+ private HmacSymmetricKey key;
+
+ private Hmac256SignatureMethod sHmacImpl;
+
+ @Before
+ public void setUp() {
+ payload = "{\"iss\":\"joe\",\r\n \"exp\":1300819380,\r\n \"http://example.com/is_root\":true}";
+ hs256 = "{\"typ\":\"JWT\",\r\n" + " \"alg\":\"HS256\"}";
+ key = KeyFactory.generate(hsKey);
+ sHmacImpl = new Hmac256SignatureMethod();
+ }
+
+ @After
+ public void tearDown() {
+ payload = null;
+ hs256 = null;
+ key = null;
+ sHmacImpl = null;
+ }
+
+ @Test
+ public void testCalculate() {
+ assertEquals("dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk",
+ sHmacImpl.calculate(TokenDecoder.base64Encode(hs256),
+ TokenDecoder.base64Encode(payload), key));
+ }
+
+ @Test
+ public void testVerify() {
+ String accessToken = "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk";
+ String jwt[] = accessToken.split("\\.");
+ assertTrue(sHmacImpl.verify(jwt[2], jwt[0], jwt[1], key));
+ }
+
+}
Property changes on: src/test/java/org/apache/oltu/jose/jws/signature/impl/hmac/Hmac256SignatureMethodTest.java
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+Date Author Id Revision HeadURL
\ No newline at end of property
Index: src/test/java/org/apache/oltu/jose/jws/signature/impl/rsa/RsaSignatureMethodTest.java
===================================================================
--- src/test/java/org/apache/oltu/jose/jws/signature/impl/rsa/RsaSignatureMethodTest.java (revision 0)
+++ src/test/java/org/apache/oltu/jose/jws/signature/impl/rsa/RsaSignatureMethodTest.java (working copy)
@@ -0,0 +1,223 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.oltu.jose.jws.signature.impl.rsa;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.oltu.commons.encodedtoken.TokenDecoder;
+import org.apache.oltu.jose.jws.signature.SignatureMethod;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+
+/**
+ * Unit test based on the example contained in
+ * http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-25#appendix-A.2 and
+ * http://tools.ietf.org/html/draft-ietf-jose-cookbook-01#section-3.1
+ *
+ */
+public class RsaSignatureMethodTest {
+
+ private String rsa256;
+
+ private SignatureMethod<PrivateKey, PublicKey> sRsaImpl;
+
+ private String payload;
+
+ private KeyFactory rsaKeyFactory;
+
+ @Before
+ public void setUp() throws Exception {
+ sRsaImpl = new Sha256SignatureMethod();
+ rsaKeyFactory = new KeyFactory();
+ }
+
+ @After
+ public void tearDown() {
+ payload = null;
+ rsa256 = null;
+ sRsaImpl= null;
+ rsaKeyFactory = null;
+ }
+
+ //validates the example in http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-25#appendix-A.2
+ @Test
+ public void testCalculate() throws Exception{
+ final byte[] n = { (byte) 161, (byte) 248, (byte) 22, (byte) 10, (byte) 226, (byte) 227, (byte) 201, (byte) 180,
+ (byte) 101, (byte) 206, (byte) 141, (byte) 45, (byte) 101, (byte) 98, (byte) 99, (byte) 54, (byte) 43,
+ (byte) 146, (byte) 125, (byte) 190, (byte) 41, (byte) 225, (byte) 240, (byte) 36, (byte) 119, (byte) 252,
+ (byte) 22, (byte) 37, (byte) 204, (byte) 144, (byte) 161, (byte) 54, (byte) 227, (byte) 139, (byte) 217,
+ (byte) 52, (byte) 151, (byte) 197, (byte) 182, (byte) 234, (byte) 99, (byte) 221, (byte) 119, (byte) 17,
+ (byte) 230, (byte) 124, (byte) 116, (byte) 41, (byte) 249, (byte) 86, (byte) 176, (byte) 251, (byte) 138,
+ (byte) 143, (byte) 8, (byte) 154, (byte) 220, (byte) 75, (byte) 105, (byte) 137, (byte) 60, (byte) 193,
+ (byte) 51, (byte) 63, (byte) 83, (byte) 237, (byte) 208, (byte) 25, (byte) 184, (byte) 119, (byte) 132,
+ (byte) 37, (byte) 47, (byte) 236, (byte) 145, (byte) 79, (byte) 228, (byte) 133, (byte) 119, (byte) 105,
+ (byte) 89, (byte) 75, (byte) 234, (byte) 66, (byte) 128, (byte) 211, (byte) 44, (byte) 15, (byte) 85,
+ (byte) 191, (byte) 98, (byte) 148, (byte) 79, (byte) 19, (byte) 3, (byte) 150, (byte) 188, (byte) 110,
+ (byte) 155, (byte) 223, (byte) 110, (byte) 189, (byte) 210, (byte) 189, (byte) 163, (byte) 103, (byte) 142,
+ (byte) 236, (byte) 160, (byte) 198, (byte) 104, (byte) 247, (byte) 1, (byte) 179, (byte) 141, (byte) 191,
+ (byte) 251, (byte) 56, (byte) 200, (byte) 52, (byte) 44, (byte) 226, (byte) 254, (byte) 109, (byte) 39,
+ (byte) 250, (byte) 222, (byte) 74, (byte) 90, (byte) 72, (byte) 116, (byte) 151, (byte) 157, (byte) 212,
+ (byte) 185, (byte) 207, (byte) 154, (byte) 222, (byte) 196, (byte) 199, (byte) 91, (byte) 5, (byte) 133,
+ (byte) 44, (byte) 44, (byte) 15, (byte) 94, (byte) 248, (byte) 165, (byte) 193, (byte) 117, (byte) 3,
+ (byte) 146, (byte) 249, (byte) 68, (byte) 232, (byte) 237, (byte) 100, (byte) 193, (byte) 16, (byte) 198,
+ (byte) 182, (byte) 71, (byte) 96, (byte) 154, (byte) 164, (byte) 120, (byte) 58, (byte) 235, (byte) 156,
+ (byte) 108, (byte) 154, (byte) 215, (byte) 85, (byte) 49, (byte) 48, (byte) 80, (byte) 99, (byte) 139,
+ (byte) 131, (byte) 102, (byte) 92, (byte) 111, (byte) 111, (byte) 122, (byte) 130, (byte) 163, (byte) 150,
+ (byte) 112, (byte) 42, (byte) 31, (byte) 100, (byte) 27, (byte) 130, (byte) 211, (byte) 235, (byte) 242,
+ (byte) 57, (byte) 34, (byte) 25, (byte) 73, (byte) 31, (byte) 182, (byte) 134, (byte) 135, (byte) 44,
+ (byte) 87, (byte) 22, (byte) 245, (byte) 10, (byte) 248, (byte) 53, (byte) 141, (byte) 154, (byte) 139,
+ (byte) 157, (byte) 23, (byte) 195, (byte) 64, (byte) 114, (byte) 143, (byte) 127, (byte) 135, (byte) 216,
+ (byte) 154, (byte) 24, (byte) 216, (byte) 252, (byte) 171, (byte) 103, (byte) 173, (byte) 132, (byte) 89,
+ (byte) 12, (byte) 46, (byte) 207, (byte) 117, (byte) 147, (byte) 57, (byte) 54, (byte) 60, (byte) 7,
+ (byte) 3, (byte) 77, (byte) 111, (byte) 96, (byte) 111, (byte) 158, (byte) 33, (byte) 224, (byte) 84,
+ (byte) 86, (byte) 202, (byte) 229, (byte) 233, (byte) 161 };
+ final byte[] d = { 18, (byte) 174, (byte) 113, (byte) 164, (byte) 105, (byte) 205, (byte) 10, (byte) 43,
+ (byte) 195, (byte) 126, (byte) 82, (byte) 108, (byte) 69, (byte) 0, (byte) 87, (byte) 31, (byte) 29,
+ (byte) 97, (byte) 117, (byte) 29, (byte) 100, (byte) 233, (byte) 73, (byte) 112, (byte) 123, (byte) 98,
+ (byte) 89, (byte) 15, (byte) 157, (byte) 11, (byte) 165, (byte) 124, (byte) 150, (byte) 60, (byte) 64,
+ (byte) 30, (byte) 63, (byte) 207, (byte) 47, (byte) 44, (byte) 211, (byte) 189, (byte) 236, (byte) 136,
+ (byte) 229, (byte) 3, (byte) 191, (byte) 198, (byte) 67, (byte) 155, (byte) 11, (byte) 40, (byte) 200,
+ (byte) 47, (byte) 125, (byte) 55, (byte) 151, (byte) 103, (byte) 31, (byte) 82, (byte) 19, (byte) 238,
+ (byte) 216, (byte) 193, (byte) 90, (byte) 37, (byte) 216, (byte) 213, (byte) 206, (byte) 160, (byte) 2,
+ (byte) 94, (byte) 227, (byte) 171, (byte) 46, (byte) 139, (byte) 127, (byte) 121, (byte) 33, (byte) 111,
+ (byte) 198, (byte) 59, (byte) 234, (byte) 86, (byte) 39, (byte) 83, (byte) 180, (byte) 6, (byte) 68,
+ (byte) 198, (byte) 161, (byte) 81, (byte) 39, (byte) 217, (byte) 178, (byte) 149, (byte) 69, (byte) 64,
+ (byte) 160, (byte) 187, (byte) 225, (byte) 163, (byte) 5, (byte) 86, (byte) 152, (byte) 45, (byte) 78,
+ (byte) 159, (byte) 222, (byte) 95, (byte) 100, (byte) 37, (byte) 241, (byte) 77, (byte) 75, (byte) 113,
+ (byte) 52, (byte) 65, (byte) 181, (byte) 93, (byte) 199, (byte) 59, (byte) 155, (byte) 74, (byte) 237,
+ (byte) 204, (byte) 146, (byte) 172, (byte) 227, (byte) 146, (byte) 126, (byte) 55, (byte) 245, (byte) 125,
+ (byte) 12, (byte) 253, (byte) 94, (byte) 117, (byte) 129, (byte) 250, (byte) 81, (byte) 44, (byte) 143,
+ (byte) 73, (byte) 97, (byte) 169, (byte) 235, (byte) 11, (byte) 128, (byte) 248, (byte) 168, (byte) 7,
+ (byte) 70, (byte) 114, (byte) 138, (byte) 85, (byte) 255, (byte) 70, (byte) 71, (byte) 31, (byte) 52,
+ (byte) 37, (byte) 6, (byte) 59, (byte) 157, (byte) 83, (byte) 100, (byte) 47, (byte) 94, (byte) 222,
+ (byte) 30, (byte) 132, (byte) 214, (byte) 19, (byte) 8, (byte) 26, (byte) 250, (byte) 92, (byte) 34,
+ (byte) 208, (byte) 81, (byte) 40, (byte) 91, (byte) 214, (byte) 59, (byte) 148, (byte) 59, (byte) 86,
+ (byte) 93, (byte) 137, (byte) 138, (byte) 5, (byte) 104, (byte) 84, (byte) 19, (byte) 229, (byte) 60,
+ (byte) 60, (byte) 108, (byte) 101, (byte) 37, (byte) 255, (byte) 31, (byte) 227, (byte) 78, (byte) 61,
+ (byte) 220, (byte) 112, (byte) 240, (byte) 213, (byte) 100, (byte) 80, (byte) 253, (byte) 164, (byte) 139,
+ (byte) 161, (byte) 46, (byte) 16, (byte) 78, (byte) 157, (byte) 235, (byte) 159, (byte) 184, (byte) 24,
+ (byte) 129, (byte) 225, (byte) 196, (byte) 189, (byte) 242, (byte) 93, (byte) 146, (byte) 71, (byte) 244,
+ (byte) 80, (byte) 200, (byte) 101, (byte) 146, (byte) 121, (byte) 104, (byte) 231, (byte) 115, (byte) 52,
+ (byte) 244, (byte) 65, (byte) 79, (byte) 117, (byte) 167, (byte) 80, (byte) 225, (byte) 57, (byte) 84,
+ (byte) 110, (byte) 58, (byte) 138, (byte) 115, (byte) 157 };
+
+ PrivateKey privateKey = rsaKeyFactory.generatePrivate(n, d);
+
+ rsa256 = "{\"alg\":\"RS256\"}";
+ payload = "{\"iss\":\"joe\",\r\n \"exp\":1300819380,\r\n \"http://example.com/is_root\":true}";
+
+ assertEquals("cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7"+
+ "AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4"+
+ "BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K"+
+ "0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqv"+
+ "hJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrB"+
+ "p0igcN_IoypGlUPQGe77Rw",
+ sRsaImpl.calculate(TokenDecoder.base64Encode(rsa256),
+ TokenDecoder.base64Encode(payload), privateKey));
+ }
+
+ //validates the example in http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-25#appendix-A.2
+ @Test
+ public void testVerify() throws Exception{
+ final byte[] n = { (byte) 161, (byte) 248, (byte) 22, (byte) 10, (byte) 226, (byte) 227, (byte) 201, (byte) 180,
+ (byte) 101, (byte) 206, (byte) 141, (byte) 45, (byte) 101, (byte) 98, (byte) 99, (byte) 54, (byte) 43,
+ (byte) 146, (byte) 125, (byte) 190, (byte) 41, (byte) 225, (byte) 240, (byte) 36, (byte) 119, (byte) 252,
+ (byte) 22, (byte) 37, (byte) 204, (byte) 144, (byte) 161, (byte) 54, (byte) 227, (byte) 139, (byte) 217,
+ (byte) 52, (byte) 151, (byte) 197, (byte) 182, (byte) 234, (byte) 99, (byte) 221, (byte) 119, (byte) 17,
+ (byte) 230, (byte) 124, (byte) 116, (byte) 41, (byte) 249, (byte) 86, (byte) 176, (byte) 251, (byte) 138,
+ (byte) 143, (byte) 8, (byte) 154, (byte) 220, (byte) 75, (byte) 105, (byte) 137, (byte) 60, (byte) 193,
+ (byte) 51, (byte) 63, (byte) 83, (byte) 237, (byte) 208, (byte) 25, (byte) 184, (byte) 119, (byte) 132,
+ (byte) 37, (byte) 47, (byte) 236, (byte) 145, (byte) 79, (byte) 228, (byte) 133, (byte) 119, (byte) 105,
+ (byte) 89, (byte) 75, (byte) 234, (byte) 66, (byte) 128, (byte) 211, (byte) 44, (byte) 15, (byte) 85,
+ (byte) 191, (byte) 98, (byte) 148, (byte) 79, (byte) 19, (byte) 3, (byte) 150, (byte) 188, (byte) 110,
+ (byte) 155, (byte) 223, (byte) 110, (byte) 189, (byte) 210, (byte) 189, (byte) 163, (byte) 103, (byte) 142,
+ (byte) 236, (byte) 160, (byte) 198, (byte) 104, (byte) 247, (byte) 1, (byte) 179, (byte) 141, (byte) 191,
+ (byte) 251, (byte) 56, (byte) 200, (byte) 52, (byte) 44, (byte) 226, (byte) 254, (byte) 109, (byte) 39,
+ (byte) 250, (byte) 222, (byte) 74, (byte) 90, (byte) 72, (byte) 116, (byte) 151, (byte) 157, (byte) 212,
+ (byte) 185, (byte) 207, (byte) 154, (byte) 222, (byte) 196, (byte) 199, (byte) 91, (byte) 5, (byte) 133,
+ (byte) 44, (byte) 44, (byte) 15, (byte) 94, (byte) 248, (byte) 165, (byte) 193, (byte) 117, (byte) 3,
+ (byte) 146, (byte) 249, (byte) 68, (byte) 232, (byte) 237, (byte) 100, (byte) 193, (byte) 16, (byte) 198,
+ (byte) 182, (byte) 71, (byte) 96, (byte) 154, (byte) 164, (byte) 120, (byte) 58, (byte) 235, (byte) 156,
+ (byte) 108, (byte) 154, (byte) 215, (byte) 85, (byte) 49, (byte) 48, (byte) 80, (byte) 99, (byte) 139,
+ (byte) 131, (byte) 102, (byte) 92, (byte) 111, (byte) 111, (byte) 122, (byte) 130, (byte) 163, (byte) 150,
+ (byte) 112, (byte) 42, (byte) 31, (byte) 100, (byte) 27, (byte) 130, (byte) 211, (byte) 235, (byte) 242,
+ (byte) 57, (byte) 34, (byte) 25, (byte) 73, (byte) 31, (byte) 182, (byte) 134, (byte) 135, (byte) 44,
+ (byte) 87, (byte) 22, (byte) 245, (byte) 10, (byte) 248, (byte) 53, (byte) 141, (byte) 154, (byte) 139,
+ (byte) 157, (byte) 23, (byte) 195, (byte) 64, (byte) 114, (byte) 143, (byte) 127, (byte) 135, (byte) 216,
+ (byte) 154, (byte) 24, (byte) 216, (byte) 252, (byte) 171, (byte) 103, (byte) 173, (byte) 132, (byte) 89,
+ (byte) 12, (byte) 46, (byte) 207, (byte) 117, (byte) 147, (byte) 57, (byte) 54, (byte) 60, (byte) 7,
+ (byte) 3, (byte) 77, (byte) 111, (byte) 96, (byte) 111, (byte) 158, (byte) 33, (byte) 224, (byte) 84,
+ (byte) 86, (byte) 202, (byte) 229, (byte) 233, (byte) 161 };
+ final byte[] e = { 1, 0, 1 };
+
+ PublicKey publicKey = rsaKeyFactory.generatePublic(n, e);
+
+ String accessToken = "eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqvhJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrBp0igcN_IoypGlUPQGe77Rw";
+ String jwt[] = accessToken.split("\\.");
+ assertTrue(sRsaImpl.verify(jwt[2], jwt[0], jwt[1], publicKey));
+ }
+
+ //validates the example in http://tools.ietf.org/html/draft-ietf-jose-cookbook-01#section-3.1
+ @Test
+ public void testCalculateCookbook() throws Exception{
+ final String n = "n4EPtAOCc9AlkeQHPzHStgAbgs7bTZLwUBZdR8_KuKPEHLd4rHVTeT-O-XV2jRojdNhxJWTDvNd7nqQ0VEiZQHz_AJmSCpMaJMRBSFKrKb2wqVwGU_NsYOYL-QtiWN2lbzcEe6XC0dApr5ydQLrHqkHHig3RBordaZ6Aj-oBHqFEHYpPe7Tpe-OfVfHd1E6cS6M1FZcD1NNLYD5lFHpPI9bTwJlsde3uhGqC0ZCuEHg8lhzwOHrtIQbS0FVbb9k3-tVTU4fg_3L_vniUFAKwuCLqKnS2BYwdq_mzSnbLY7h_qixoR7jig3__kRhuaxwUkRz5iaiQkqgc5gHdrNP5zw";
+ final String d = "bWUC9B-EFRIo8kpGfh0ZuyGPvMNKvYWNtB_ikiH9k20eT-O1q_I78eiZkpXxXQ0UTEs2LsNRS-8uJbvQ-A1irkwMSMkK1J3XTGgdrhCku9gRldY7sNA_AKZGh-Q661_42rINLRCe8W-nZ34ui_qOfkLnK9QWDDqpaIsA-bMwWWSDFu2MUBYwkHTMEzLYGqOe04noqeq1hExBTHBOBdkMXiuFhUq1BU6l-DqEiWxqg82sXt2h-LMnT3046AOYJoRioz75tSUQfGCshWTBnP5uDjd18kKhyv07lhfSJdrPdM5Plyl21hsFf4L_mHCuoFau7gdsPfHPxxjVOcOpBrQzwQ";
+
+ PrivateKey privateKey = rsaKeyFactory.generatePrivate(n, d);
+
+ rsa256 = "{\"alg\":\"RS256\",\"kid\":\"[email protected]\"}";
+
+ assertEquals("MRjdkly7_-oTPTS3AXP41iQIGKa80A0ZmTuV5MEaHoxnW2e5CZ5NlKtainoFmK"+
+ "ZopdHM1O2U4mwzJdQx996ivp83xuglII7PNDi84wnB-BDkoBwA78185hX-Es4J"+
+ "IwmDLJK3lfWRa-XtL0RnltuYv746iYTh_qHRD68BNt1uSNCrUCTJDt5aAE6x8w"+
+ "W1Kt9eRo4QPocSadnHXFxnt8Is9UzpERV0ePPQdLuW3IS_de3xyIrDaLGdjluP"+
+ "xUAhb6L2aXic1U12podGU0KLUQSE_oI-ZnmKJ3F4uOZDnd6QZWJushZ41Axf_f"+
+ "cIe8u9ipH84ogoree7vjbU5y18kDquDg",
+ sRsaImpl.calculate(TokenDecoder.base64Encode(rsa256),
+ "SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywgZ29pbmcgb3V0IH"+
+ "lvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9hZCwgYW5kIGlmIHlvdSBk"+
+ "b24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXigJlzIG5vIGtub3dpbmcgd2hlcm"+
+ "UgeW91IG1pZ2h0IGJlIHN3ZXB0IG9mZiB0by4", privateKey));
+ }
+
+ //validates the example in http://tools.ietf.org/html/draft-ietf-jose-cookbook-01#section-3.1
+ @Test
+ public void testVerifyCookbook() throws Exception{
+ final String n = "n4EPtAOCc9AlkeQHPzHStgAbgs7bTZLwUBZdR8_KuKPEHLd4rHVTeT-O-XV2jRojdNhxJWTDvNd7nqQ0VEiZQHz_AJmSCpMaJMRBSFKrKb2wqVwGU_NsYOYL-QtiWN2lbzcEe6XC0dApr5ydQLrHqkHHig3RBordaZ6Aj-oBHqFEHYpPe7Tpe-OfVfHd1E6cS6M1FZcD1NNLYD5lFHpPI9bTwJlsde3uhGqC0ZCuEHg8lhzwOHrtIQbS0FVbb9k3-tVTU4fg_3L_vniUFAKwuCLqKnS2BYwdq_mzSnbLY7h_qixoR7jig3__kRhuaxwUkRz5iaiQkqgc5gHdrNP5zw";
+ final String e = "AQAB";
+
+ PublicKey publicKey = rsaKeyFactory.generatePublic(n, e);
+
+ String accessToken = "eyJhbGciOiJSUzI1NiIsImtpZCI6ImJpbGJvLmJhZ2dpbnNAaG9iYml0b24uZXhhbXBsZSJ9." +
+ "SXTigJlzIGEgZGFuZ2Vyb3VzIGJ1c2luZXNzLCBGcm9kbywgZ29pbmcgb3V0IH" +
+ "lvdXIgZG9vci4gWW91IHN0ZXAgb250byB0aGUgcm9hZCwgYW5kIGlmIHlvdSBk" +
+ "b24ndCBrZWVwIHlvdXIgZmVldCwgdGhlcmXigJlzIG5vIGtub3dpbmcgd2hlcm" +
+ "UgeW91IG1pZ2h0IGJlIHN3ZXB0IG9mZiB0by4." +
+ "MRjdkly7_-oTPTS3AXP41iQIGKa80A0ZmTuV5MEaHoxnW2e5CZ5NlKtainoFmK" +
+ "ZopdHM1O2U4mwzJdQx996ivp83xuglII7PNDi84wnB-BDkoBwA78185hX-Es4J" +
+ "IwmDLJK3lfWRa-XtL0RnltuYv746iYTh_qHRD68BNt1uSNCrUCTJDt5aAE6x8w" +
+ "W1Kt9eRo4QPocSadnHXFxnt8Is9UzpERV0ePPQdLuW3IS_de3xyIrDaLGdjluP" +
+ "xUAhb6L2aXic1U12podGU0KLUQSE_oI-ZnmKJ3F4uOZDnd6QZWJushZ41Axf_f" +
+ "cIe8u9ipH84ogoree7vjbU5y18kDquDg";
+ String jwt[] = accessToken.split("\\.");
+ assertTrue(sRsaImpl.verify(jwt[2], jwt[0], jwt[1], publicKey));
+ }
+
+}
Property changes on: src/test/java/org/apache/oltu/jose/jws/signature/impl/rsa/RsaSignatureMethodTest.java
___________________________________________________________________
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+Date Author Id Revision HeadURL
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment